Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4FtfqVTM67KiqP3OaNNUMg7FmsU.roa
File: 4FtfqVTM67KiqP3OaNNUMg7FmsU.roa (raw, json)
Hash identifier: htSps2CK49ECgprPkr3poaIoTXVLQCwGAVFTmHmal2Q=
Subject key identifier: E0:5B:5F:A9:54:CC:EB:B2:A2:A8:FD:CE:68:D3:54:32:0E:C5:9A:C5
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B23007BFD4D873C8462538E2E0951C
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4FtfqVTM67KiqP3OaNNUMg7FmsU.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204744
IP address blocks: 195.136.27.0/24 maxlen: 24
195.136.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:30:07:bf:d4:d8:73:c8:46:25:38:e2:e0:95:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e05b5fa954ccebb2a2a8fdce68d354320ec59ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:3c:e4:26:a1:4f:ae:42:14:d7:c6:c8:d5:
c5:0a:09:69:aa:64:91:d0:90:a6:1a:24:2f:be:5f:
63:74:f4:7f:38:ca:1d:50:58:c4:f0:04:88:52:5c:
7f:66:c2:fa:79:bb:d9:04:9a:c3:c7:7e:f0:c0:bc:
bb:aa:5f:dd:65:dd:01:5e:32:c6:78:2b:8e:25:38:
a0:39:8b:24:3e:d5:6c:51:5e:8c:da:c8:99:47:99:
c1:e7:2d:b0:02:22:5a:47:74:60:e4:01:96:8f:c0:
6d:41:3b:fd:eb:46:42:e0:de:6a:f9:2f:df:85:86:
ca:33:91:62:e8:f0:43:08:d1:da:99:a5:26:21:76:
39:7b:bd:e5:bd:c2:db:8e:6f:f5:66:50:7e:5d:63:
51:96:5e:7c:69:1f:fb:50:68:88:6b:22:bb:74:dc:
69:c9:a5:9a:bf:e5:90:1c:0f:af:3c:fb:da:5f:53:
3c:49:7d:f3:04:16:89:fa:2a:4b:1e:8c:f4:8d:6f:
6f:e9:4f:cb:1e:5b:75:ef:2b:23:b1:27:34:cd:7e:
0e:59:1f:70:04:bb:e3:02:d4:a8:da:14:e1:6f:d9:
7b:21:a7:8d:e8:4e:17:e8:8e:ce:00:32:4e:f3:cc:
a9:64:55:30:73:f4:d3:9b:1b:9e:8c:47:89:40:79:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5B:5F:A9:54:CC:EB:B2:A2:A8:FD:CE:68:D3:54:32:0E:C5:9A:C5
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4FtfqVTM67KiqP3OaNNUMg7FmsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.27.0/24
195.136.65.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:b4:48:16:6e:50:a4:41:94:a4:41:a7:d5:20:98:af:7c:64:
63:ef:15:d5:51:89:41:ab:a7:0a:84:d5:29:58:d7:a4:bb:e5:
dd:c5:16:bc:15:ae:7e:f0:47:33:fe:2b:57:db:74:b7:c4:f6:
58:46:65:bf:dd:72:34:fe:b8:0c:2e:ee:17:66:46:99:6e:b7:
e8:a2:dd:33:e9:5a:c1:2b:db:00:b3:1a:ac:3d:2e:da:90:ec:
a7:11:82:f7:04:e6:1b:c3:8e:35:dc:d3:a2:79:65:b7:b6:d0:
d1:04:75:e0:7b:d2:a4:4f:9b:c7:9d:0d:06:9f:12:15:98:01:
27:ae:46:1a:07:37:62:7b:9d:c4:81:d8:9d:f6:e1:87:80:29:
f9:4a:c5:b7:86:7c:2d:c4:be:25:d6:4f:3a:26:0f:f5:e3:6b:
9f:f8:ff:59:44:7d:e4:d0:49:bf:1b:e9:98:80:79:b2:d4:62:
b4:60:87:73:76:13:bd:8f:6a:af:15:0e:59:1a:bd:58:18:fa:
15:e4:bb:f4:95:b9:03:d8:79:8c:8b:d0:bd:40:6b:c2:b1:f2:
0f:55:79:ea:36:35:60:ab:f2:7e:db:b3:5d:92:a9:29:98:3f:
1e:11:0c:63:68:4e:08:56:2f:94:fb:74:30:c8:c9:3e:3c:ab:
72:6c:9c:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsjAHv9TYc8hGJTji4JUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDViNWZhOTU0Y2NlYmIyYTJhOGZkY2U2OGQzNTQzMjBlYzU5YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDc85CahT65CFNfGyNXFCglpqmSR
0JCmGiQvvl9jdPR/OModUFjE8ASIUlx/ZsL6ebvZBJrDx37wwLy7ql/dZd0BXjLG
eCuOJTigOYskPtVsUV6M2siZR5nB5y2wAiJaR3Rg5AGWj8BtQTv960ZC4N5q+S/f
hYbKM5Fi6PBDCNHamaUmIXY5e73lvcLbjm/1ZlB+XWNRll58aR/7UGiIayK7dNxp
yaWav+WQHA+vPPvaX1M8SX3zBBaJ+ipLHoz0jW9v6U/LHlt17ysjsSc0zX4OWR9w
BLvjAtSo2hThb9l7IaeN6E4X6I7OADJO88ypZFUwc/TTmxuejEeJQHnGLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOBbX6lUzOuyoqj9zmjTVDIOxZrFMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNEZ0ZnFWVE02N0tpcVAzT2FOTlVNZzdGbXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4gbAwQA
w4hBMA0GCSqGSIb3DQEBCwUAA4IBAQCrtEgWblCkQZSkQafVIJivfGRj7xXVUYlB
q6cKhNUpWNeku+XdxRa8Fa5+8Ecz/itX23S3xPZYRmW/3XI0/rgMLu4XZkaZbrfo
ot0z6VrBK9sAsxqsPS7akOynEYL3BOYbw4413NOieWW3ttDRBHXge9KkT5vHnQ0G
nxIVmAEnrkYaBzdie53Egdid9uGHgCn5SsW3hnwtxL4l1k86Jg/142uf+P9ZRH3k
0Em/G+mYgHmy1GK0YIdzdhO9j2qvFQ5ZGr1YGPoV5Lv0lbkD2HmMi9C9QGvCsfIP
VXnqNjVgq/J+27NdkqkpmD8eEQxjaE4IVi+U+3QwyMk+PKtybJyA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:44 2025 by rpki-client